modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions (666) for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-03-01T02:00:00
Updated: 2013-04-04T09:00:00
Reserved: 2012-12-06T00:00:00
Link: CVE-2012-6116
JSON object: View
NVD Information
Status : Modified
Published: 2013-03-01T05:40:16.910
Modified: 2013-04-04T03:21:52.980
Link: CVE-2012-6116
JSON object: View
Redhat Information
No data.
CWE